Scribd Logo
Upload

Welcome to Scribd!

  • Information Gathering

    Uploaded by

    felipe pereira
    26 views6 pages
    This document provides information on techniques for gathering information about a target website or domain. It discusses looking up whois and DNS records, finding technologies used and other sites on the same server. It also outlines tools like Knock and Dirb that can discover subdomains and unlisted files/directories, and mentions Maltego as an all-purpose information gathering tool.

    Original Description:

    Original Title

    Information+Gathering

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides information on techniques for gathering information about a target website or domain. It discusses looking up whois and DNS records, finding technologies used and other sites on the same server. It also outlines tools like Knock and Dirb that can discover subdomains and unlisted files/directories, and mentions Maltego as an all-purpose information gathering tool.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    26 views6 pages

    Information Gathering

    Uploaded by

    felipe pereira
    This document provides information on techniques for gathering information about a target website or domain. It discusses looking up whois and DNS records, finding technologies used and other sites on the same server. It also outlines tools like Knock and Dirb that can discover subdomains and unlisted files/directories, and mentions Maltego as an all-purpose information gathering tool.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    Information Gathering

    ● IP address.
    ● Domain name info.
    ● Technologies used.
    ● Other websites on the same server.
    ● DNS records.
    ● Unlisted files, sub-domains, directories.
    Information Gathering
    1. Whois Lookup - Find info about the owner of the target.
    → http://whois.domaintools.com/
    2. Netcraft Site Report - Shows technologies used on the target.
    → http://toolbar.netcraft.com/site_report?url=
    3. Robtex DNS lookup - Shows comprehensive info about the target website.
    → https://www.robtex.com/
    Information Gathering
    Websites on the same server

    ● One server can serve a number of websites.


    ● Gaining access to one can help gaining access to others.

    To find websites on the same server:


    1. Use Robtex DNS lookup under “names pointing to same IP”.
    2. Using bing.com, search for ip: [target ip]
    Information Gathering
    Subdomains
    ● Subdomain.target.com
    ● Ex: beta.facebook.com

    Knock can be used to find subdomains of target


    1. Download it > git clone https://github.com/guelfoweb/knock.git
    2. Navigate to knock.py. > ce knock/knock.py
    3. Run it > python knock.py [target]
    Information Gathering
    Files + Directories
    ● Find files & directories in target website
    ● A tool called drib.

    > dirb [target] [wordlist] [options]

    For more info run


    > man dirb
    Information Gathering
    Maltego
    Maltego is an information gathering tool that can be used to collect
    information about ANYTHING.

    To run maltego type the following in terminal

    > maltegoce

    You might also like